Certificate Types
===========================

Self Signed Certificate
-------------------------

The simplest type are self signed certificates. Self signed certificates are not 
signed by a public certification authority. Self Signed Zerts are generated by 
the OPC UA server itself. For this reason, external or public OPC UA applications 
should not trust these certificates. However, these certificates are sufficient 
for the test or in an internal environment.

CA Certificate
----------------

CA certificates are issued by a public certification authority. CA certificates
are used to sign Application certificates and Intermdiate Certificates and are 
combined into a Cert chain. If a CA certificate is trusted, all derived 
certificates are also trusted.

Application Certificate
-------------------------

An Application certificate is used for the encryption and signature of 
OPC UA communication connections for an application. An application certificate 
can be self-signed, signed by a CA certificate or signed by an intermediate 
certificate. 

Intermediate Certificate
--------------------------

Intermediate certificates are used to group application certificates. A
intermediate certificate is signed by a CA certificates or a other 
intermediate certificate. If a intermediate certificate is trusted, 
all derived certificates are also trusted.